diff --git a/README.md b/README.md
index 6a3600f70..240eae847 100644
--- a/README.md
+++ b/README.md
@@ -216,6 +216,8 @@ The following is a list of static resources.
- [azure_postgresql_databases](docs/resources/azure_postgresql_databases.md)
- [azure_postgresql_server](docs/resources/azure_postgresql_server.md)
- [azure_postgresql_servers](docs/resources/azure_postgresql_servers.md)
+- [azure_power_bi_gateway](docs/resources/azure_power_bi_gateway.md)
+- [azure_power_bi_gateways](docs/resources/azure_power_bi_gateways.md)
- [azure_public_ip](docs/resources/azure_public_ip.md)
- [azure_redis_cache](docs/resources/azure_redis_cache.md)
- [azure_redis_caches](docs/resources/azure_redis_caches.md)
diff --git a/docs/resources/azure_power_bi_gateway.md b/docs/resources/azure_power_bi_gateway.md
new file mode 100644
index 000000000..6a37f23ab
--- /dev/null
+++ b/docs/resources/azure_power_bi_gateway.md
@@ -0,0 +1,82 @@
+---
+title: About the azure_power_bi_gateway Resource
+platform: azure
+---
+
+# azure_power_bi_gateway
+
+Use the `azure_power_bi_gateway` InSpec audit resource to test the properties related to Azure Power BI gateway.
+
+## Azure REST API version, Endpoint, and HTTP Client Parameters
+
+This resource interacts with API versions supported by the resource provider. The `api_version` is defined as a resource parameter.
+If not provided, the latest version is used. For more information, refer to [`azure_generic_resource`](azure_generic_resource.md).
+
+Unless defined, `azure_cloud` global endpoint and default values for the HTTP client are used. For more information, refer to the resource pack [README](../../README.md).
+
+## Availability
+
+### Installation
+
+This resource is available in the [InSpec Azure resource pack](https://github.com/inspec/inspec-azure). For an example, `inspec.yml` file and how to set up your Azure credentials, refer to resource pack [README](../../README.md#Service-Principal).
+
+## Syntax
+
+`gateway_id` is a required parameter.
+
+```ruby
+describe azure_power_bi_gateway(gateway_id: 'GATEWAY_ID') do
+ it { should exist }
+end
+```
+
+## Parameters
+
+`gateway_id` _(required)_
+
+The gateway ID.
+
+## Properties
+
+| Property | Description |
+|-------------------------------------|------------------------------------------------------------------|
+| id | The gateway ID. |
+| name | The gateway name. |
+| type | The gateway type. |
+| publicKey.exponent | The public key exponent. |
+| publicKey.modulus | The public key modulus.
+
+For properties applicable to all resources, such as `type`, `name`, `id`, and `properties`, refer to [`azure_generic_resource`](azure_generic_resource.md#properties).
+
+Also, refer to [Azure documentation](https://docs.microsoft.com/en-us/rest/api/power-bi/gateways/get-gateway) for other properties available.
+
+## Examples
+
+### Test that the Power BI gateway's exponent is `AQAB`
+
+```ruby
+describe azure_power_bi_gateway(gateway_id: 'GATEWAY_ID') do
+ its('publicKey.exponent') { should eq 'AQAB' }
+end
+```
+
+## Matchers
+
+This InSpec audit resource has the following special matchers. For a full list of available matchers, please visit our [Universal Matchers page](/inspec/matchers/).
+
+### exists
+
+```ruby
+# If the Azure Power BI gateway is found, it will exist
+describe azure_power_bi_gateway(gateway_id: 'GATEWAY_ID') do
+ it { should exist }
+end
+# if the Azure Power BI gateway is not found, it will not exist
+describe azure_power_bi_gateway(gateway_id: 'GATEWAY_ID') do
+ it { should_not exist }
+end
+```
+
+## Azure Permissions
+
+Your [Service Principal](https://docs.microsoft.com/en-us/azure/azure-resource-manager/resource-group-create-service-principal-portal) must be set up with a `Dataset.Read.All` role on the Azure Power BI Workspace you wish to test.
diff --git a/docs/resources/azure_power_bi_gateways.md b/docs/resources/azure_power_bi_gateways.md
new file mode 100644
index 000000000..744167e67
--- /dev/null
+++ b/docs/resources/azure_power_bi_gateways.md
@@ -0,0 +1,88 @@
+---
+title: About the azure_power_bi_gateways Resource
+platform: azure
+---
+
+# azure_power_bi_gateways
+
+Use the `azure_power_bi_gateways` InSpec audit resource to test the properties related to all Azure Power BI gateways.
+
+## Azure REST API version, Endpoint, and HTTP Client Parameters
+
+This resource interacts with API versions supported by the resource provider. The `api_version` is defined as a resource parameter.
+If not provided, the latest version is used. For more information, refer to [`azure_generic_resource`](azure_generic_resource.md).
+
+Unless defined, `azure_cloud` global endpoint and default values for the HTTP client is used. For more information, refer to the resource pack [README](../../README.md).
+
+## Availability
+
+### Installation
+
+This resource is available in the [InSpec Azure resource pack](https://github.com/inspec/inspec-azure). For an example, `inspec.yml` file and how to set up your Azure credentials, refer to resource pack [README](../../README.md#Service-Principal).
+
+## Syntax
+
+An `azure_power_bi_gateways` resource block returns all Azure Power BI gateways.
+
+```ruby
+describe azure_power_bi_gateways do
+ #...
+end
+```
+
+## Parameters
+
+## Properties
+
+|Property | Description | Filter Criteria* |
+|--------------------------------|------------------------------------------------------------------------|------------------|
+| ids | List of all gateway IDs. | `id` |
+| names | List of all the gateway names. | `name` |
+| types | List of all the gateway types. | `type` |
+| exponents | List of all public key exponents. | `exponent` |
+| modulus | List of all public key modulus. | `modulus` |
+
+
+* For information on how to use filter criteria on plural resources refer to [FilterTable usage](https://github.com/inspec/inspec/blob/master/dev-docs/filtertable-usage.md).
+Also, refer to [Azure documentation](https://docs.microsoft.com/en-us/rest/api/power-bi/Gateways/get-Gateways) for other available properties.
+
+## Examples
+
+### Loop through Power BI gateways by their IDs
+
+```ruby
+azure_power_bi_gateways.ids.each do |id|
+ describe azure_power_bi_gateway(gateway_id: id) do
+ it { should exist }
+ end
+end
+```
+
+### Test to ensure all Power BI gateways exponent is `AQAB`
+
+```ruby
+describe azure_power_bi_gateways.where(exponent: 'AQAB') do
+ it { should exist }
+end
+```
+
+## Matchers
+
+This InSpec audit resource has the following special matchers. For a full list of available matchers, please visit our [Universal Matchers page](https://www.inspec.io/docs/reference/matchers/).
+
+### exists
+
+```ruby
+# Should not exist if no Power BI gateways are present
+describe azure_power_bi_gateways do
+ it { should_not exist }
+end
+# Should exist if the filter returns at least one Power BI gateways
+describe azure_power_bi_gateways do
+ it { should exist }
+end
+```
+
+## Azure Permissions
+
+Your [Service Principal](https://docs.microsoft.com/en-us/azure/azure-resource-manager/resource-group-create-service-principal-portal) must be set up with a `Dataset.Read.All` role on the Azure Power BI Workspace you wish to test.
diff --git a/libraries/azure_power_bi_gateway.rb b/libraries/azure_power_bi_gateway.rb
new file mode 100644
index 000000000..575639817
--- /dev/null
+++ b/libraries/azure_power_bi_gateway.rb
@@ -0,0 +1,34 @@
+require 'azure_generic_resource'
+
+class AzurePowerBIGateway < AzureGenericResource
+ name 'azure_power_bi_gateway'
+ desc 'Retrieves and verifies the settings of a Azure Power BI Gateway'
+ example <<-EXAMPLE
+ describe azure_power_bi_gateway(gateway_id: '95a4871a-33a4-4f35-9eea-8ff006b4840b') do
+ it { should exist }
+ end
+ EXAMPLE
+
+ attr_reader :table
+
+ AUDIENCE = 'https://analysis.windows.net/powerbi/api'.freeze
+
+ def initialize(opts = {})
+ raise ArgumentError, 'Parameters must be provided in an Hash object.' unless opts.is_a?(Hash)
+
+ Validators.validate_parameters(resource_name: @__resource_name__, required: %i(gateway_id),
+ opts: opts)
+
+ opts[:name] = opts.delete(:gateway_id)
+ opts[:resource_uri] = "https://api.powerbi.com/v1.0/myorg/gateways/#{opts[:name]}"
+ opts[:audience] = AUDIENCE
+ opts[:add_subscription_id] = false
+ opts[:is_uri_a_url] = true
+ opts[:api_version] = 'v1.0'
+ super
+ end
+
+ def to_s
+ super(AzurePowerBIGateway)
+ end
+end
diff --git a/libraries/azure_power_bi_gateways.rb b/libraries/azure_power_bi_gateways.rb
new file mode 100644
index 000000000..d423d6a05
--- /dev/null
+++ b/libraries/azure_power_bi_gateways.rb
@@ -0,0 +1,39 @@
+require 'azure_generic_resources'
+
+class AzurePowerBIGateways < AzureGenericResources
+ name 'azure_power_bi_gateways'
+ desc 'Retrieves and verifies the settings of all Azure Power BI Gateways.'
+ example <<-EXAMPLE
+ describe azure_power_bi_gateways do
+ it { should exist }
+ end
+ EXAMPLE
+
+ AUDIENCE = 'https://analysis.windows.net/powerbi/api'.freeze
+
+ def initialize(opts = {})
+ raise ArgumentError, 'Parameters must be provided in an Hash object.' unless opts.is_a?(Hash)
+
+ opts[:resource_uri] = 'https://api.powerbi.com/v1.0/myorg/gateways'
+ opts[:audience] = AUDIENCE
+ opts[:add_subscription_id] = false
+ opts[:is_uri_a_url] = true
+ opts[:api_version] = 'v1.0'
+ super
+ return if failed_resource?
+
+ populate_filter_table_from_response
+ end
+
+ def to_s
+ super(AzurePowerBIGateways)
+ end
+
+ private
+
+ def populate_table
+ @resources.each do |resource|
+ @table << resource.merge(resource[:publicKey])
+ end
+ end
+end
diff --git a/test/integration/verify/controls/azure_power_bi_gateway.rb b/test/integration/verify/controls/azure_power_bi_gateway.rb
new file mode 100644
index 000000000..8648c864b
--- /dev/null
+++ b/test/integration/verify/controls/azure_power_bi_gateway.rb
@@ -0,0 +1,8 @@
+gateway_id = input(:gateway_id, value: '')
+control 'Verify settings of a Power BI Dashboard' do
+ describe azure_power_bi_gateway(gateway_id: gateway_id) do
+ it { should exist }
+ its('type') { should eq 'Resource' }
+ its('publicKey.exponent') { should eq 'AQAB' }
+ end
+end
diff --git a/test/integration/verify/controls/azure_power_bi_gateways.rb b/test/integration/verify/controls/azure_power_bi_gateways.rb
new file mode 100644
index 000000000..df20edaa9
--- /dev/null
+++ b/test/integration/verify/controls/azure_power_bi_gateways.rb
@@ -0,0 +1,7 @@
+control 'verify settings of Power BI Gateways' do
+ describe azure_power_bi_gateways do
+ it { should exist }
+ its('types') { should include 'Resource' }
+ its('exponents') { should include 'AQAB' }
+ end
+end
diff --git a/test/unit/resources/azure_power_bi_gateway_test.rb b/test/unit/resources/azure_power_bi_gateway_test.rb
new file mode 100644
index 000000000..43c30cdf7
--- /dev/null
+++ b/test/unit/resources/azure_power_bi_gateway_test.rb
@@ -0,0 +1,17 @@
+require_relative 'helper'
+require 'azure_power_bi_gateway'
+
+class AzurePowerBIGatewayConstructorTest < Minitest::Test
+ def test_empty_param_not_ok
+ assert_raises(ArgumentError) { AzurePowerBIGateway.new }
+ end
+
+ # resource_provider should not be allowed.
+ def test_resource_provider_not_ok
+ assert_raises(ArgumentError) { AzurePowerBIGateway.new(resource_provider: 'some_type') }
+ end
+
+ def test_resource_group_name_alone_ok
+ assert_raises(ArgumentError) { AzurePowerBIGateway.new(name: 'my-name', resource_group: 'test') }
+ end
+end
diff --git a/test/unit/resources/azure_power_bi_gateways_test.rb b/test/unit/resources/azure_power_bi_gateways_test.rb
new file mode 100644
index 000000000..ce911f31e
--- /dev/null
+++ b/test/unit/resources/azure_power_bi_gateways_test.rb
@@ -0,0 +1,23 @@
+require_relative 'helper'
+
+require 'azure_power_bi_gateways'
+
+class AzurePowerBIGatewaysConstructorTest < Minitest::Test
+ # resource_type should not be allowed.
+
+ def test_resource_type_not_ok
+ assert_raises(ArgumentError) { AzurePowerBIGateways.new(resource_provider: 'some_type') }
+ end
+
+ def tag_value_not_ok
+ assert_raises(ArgumentError) { AzurePowerBIGateways.new(tag_value: 'some_tag_value') }
+ end
+
+ def tag_name_not_ok
+ assert_raises(ArgumentError) { AzurePowerBIGateways.new(tag_name: 'some_tag_name') }
+ end
+
+ def test_name_not_ok
+ assert_raises(ArgumentError) { AzurePowerBIGateways.new(name: 'some_name') }
+ end
+end